CompTIA SecurityX (CAS-005) — Question 42

A company hired a third-party consultant to run a cybersecurity incident simulation in order to identify security gaps and prepare stakeholders for a potential incident. Which of the following best describes this activity?

Answer options

• A. Tabletop exercise
• B. Walk-through review
• C. Lessons learned
• D. Business impact analysis

Correct answer: A

Explanation

The correct answer is A, as a tabletop exercise is specifically designed to simulate incident scenarios and evaluate responses. Options B, C, and D do not involve the same interactive simulation aspect; a walk-through review focuses on processes, lessons learned are derived post-incident, and business impact analysis assesses potential effects, not simulations.